Update: The vulnerability affects all unpatched uTorrent versions, not just those that have the Web UI enabled.

Bummer for people like me who are using an old version of uTorrent from before it started going downhill. When I was reading the article I was hoping the vulnerability was only in the newer version(s).

If you disable the recommended settings (WebUI and net.discoverable setting) I don't think you will have an issue (at least a known one).

That being said most people are using older versions that aren't being patched.

I use rtorrent with rutorrent as a WebUI. It works great. Not as easy to set up as uTorrent, but handles a shit ton of torrents easily.

I am more than a bit confused here. Would running uTorrent 2.0.4 without enabling WebUI be enough to guard against this flaw? If not, what other settings could be disabled and how would doing so affect uTorrent's basic functionality? Many thanks!

uTorrent webBasically, this security hole allows an attacker to remotely get access to your uTorrent via the WebUI, and use that for malicious activities, like downloading viruses to your computer. Because of this, I strongly recommend that all users currently using the uTorrent webUI, disable it for the time being. (This applies to both uTorrent web and the WebUI inside 'normal' versions of uTorrent)

uTorrent ClassicEven if you have the WebUI disabled, there is another security bug that can be exploited. Among other things, this bug allows for crashing of uTorrent, and stealing of torrents. to prevent this, I strongly recommend that all uTorrent users disable the 'net.discoverable' setting. Some older uTorrent versions might not have this option. If you cannot find it, you might be safe from this bug.

After applying the setting, you should restart the client. (File>Exit, then starting it again)

Did you verify that other users had the same issue? Google did not turn up much for me. Are you sure it wasn't do to a connected peer in one of your torrents? I've seen similar behavior on utorrent due to someone in the swarm.

I've tested the latest and 3.3.16 today and malwarebytes has not detected anything.

Did you verify that other users had the same issue? Google did not turn up much for me. Are you sure it wasn't do to a connected peer in one of your torrents? I've seen similar behavior on utorrent due to someone in the swarm.

I've tested the latest and 3.3.16 today and malwarebytes has not detected anything.

It has been a while but I am not sure that I was even running any torrents at the point I upgraded. Hopefully it has all been worked out, whatever it was.